Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/B9lGRz_dFvNUZ_BMDX5WeqBrkHs.roa
File: B9lGRz_dFvNUZ_BMDX5WeqBrkHs.roa (raw, json)
Hash identifier: dIhlXyjr8Y2ES3MTkdP/p2blzMzo1zUAr9d7hwn00u4=
Subject key identifier: 07:D9:46:47:3F:DD:16:F3:54:67:F0:4C:0D:7E:56:7A:A0:6B:90:7B
Certificate issuer: /CN=b466ac0a49255283cd53066971cd7b3dfe2a3ce8
Certificate serial: 057044B0
Authority key identifier: B4:66:AC:0A:49:25:52:83:CD:53:06:69:71:CD:7B:3D:FE:2A:3C:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGasCkklUoPNUwZpcc17Pf4qPOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/B9lGRz_dFvNUZ_BMDX5WeqBrkHs.roa
Signing time: Sat 01 Jan 2022 11:01:10 +0000
ROA not before: Sat 01 Jan 2022 11:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48101
IP address blocks: 134.19.192.0/22 maxlen: 22
134.19.196.0/22 maxlen: 23
185.122.192.0/22 maxlen: 22
185.16.160.0/22 maxlen: 24
98.96.160.0/20 maxlen: 23
91.228.232.0/23 maxlen: 24
91.228.234.0/24 maxlen: 24
199.15.232.0/22 maxlen: 22
37.25.44.0/24 maxlen: 24
199.15.237.0/24 maxlen: 24
199.15.236.0/24 maxlen: 24
199.15.239.0/24 maxlen: 24
199.15.238.0/24 maxlen: 24
37.25.45.0/24 maxlen: 24
37.25.46.0/23 maxlen: 23
2a04:200::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91243696 (0x57044b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b466ac0a49255283cd53066971cd7b3dfe2a3ce8
Validity
Not Before: Jan 1 11:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07d946473fdd16f35467f04c0d7e567aa06b907b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d4:18:85:78:10:cb:88:ea:64:91:ee:cf:d5:
14:87:c1:b1:b7:93:d4:3a:fc:c0:95:6a:cb:94:54:
4b:4e:da:ac:f7:5e:6f:43:3e:48:04:27:5c:46:82:
ec:df:a9:ea:47:fa:e6:af:16:20:16:4b:65:27:fb:
7f:d5:96:f6:a0:c1:5f:70:5f:03:05:46:86:8d:68:
69:bc:08:c9:c8:20:f9:92:e5:47:c3:26:28:2b:5d:
56:30:02:42:73:57:75:57:ad:b7:a8:bb:d5:05:6c:
f6:98:44:08:4a:95:70:2c:65:c1:33:fa:28:9a:14:
c5:16:ef:2e:11:04:f5:d0:95:dc:fa:9b:e0:c1:14:
96:f2:bd:ef:97:96:27:f2:5a:11:45:40:2f:54:14:
07:ac:d6:46:ef:c3:39:1e:42:54:8b:56:07:b1:30:
bd:73:2b:9c:fe:96:a2:30:c1:66:47:41:54:d0:9a:
8d:24:29:25:63:b3:de:a7:54:65:67:64:ba:1d:41:
d4:60:a8:0f:54:13:fb:17:72:8b:d9:29:ed:52:4d:
cf:85:ee:44:75:d3:c5:f4:eb:e2:70:3d:e0:c3:7e:
77:e7:58:dd:06:b5:53:92:8b:cf:3e:15:ae:2f:80:
f5:f5:8f:7d:4e:d2:2c:4e:0e:39:a2:d7:ba:af:7c:
5e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D9:46:47:3F:DD:16:F3:54:67:F0:4C:0D:7E:56:7A:A0:6B:90:7B
X509v3 Authority Key Identifier:
keyid:B4:66:AC:0A:49:25:52:83:CD:53:06:69:71:CD:7B:3D:FE:2A:3C:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGasCkklUoPNUwZpcc17Pf4qPOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/B9lGRz_dFvNUZ_BMDX5WeqBrkHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/tGasCkklUoPNUwZpcc17Pf4qPOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.44.0/22
91.228.232.0-91.228.234.255
98.96.160.0/20
134.19.192.0/21
185.16.160.0/22
185.122.192.0/22
199.15.232.0/21
IPv6:
2a04:200::/29
Signature Algorithm: sha256WithRSAEncryption
28:ec:17:dd:94:41:41:9e:44:72:f0:bb:33:38:7c:84:fb:c9:
dc:69:7f:a3:70:80:a7:1b:ff:9c:35:fc:0b:89:f4:cb:2f:77:
ff:86:72:3d:eb:20:28:00:f7:34:b9:67:96:fc:7e:a1:41:ef:
9a:9f:18:c6:81:c4:3c:04:18:6a:70:81:e2:0a:fe:24:cd:6e:
85:4b:8f:19:e7:89:68:4a:b4:b3:f7:6d:fb:ef:e9:0a:ff:a5:
df:a7:3d:cc:a8:f3:08:56:b1:e6:97:36:cb:cd:c6:6a:4c:89:
77:b8:53:27:01:b1:34:ee:e3:df:c6:64:14:ef:1c:ee:22:91:
84:0d:94:06:ea:10:0f:ee:f2:65:71:33:f2:4e:4b:92:5b:c8:
6d:7e:65:db:c9:4f:02:2e:77:e1:0d:fd:bd:68:9d:96:22:c4:
5c:c8:43:3e:fc:a3:d2:6f:54:21:83:3d:0f:22:bc:90:ba:a5:
6e:37:dc:a4:57:03:11:9d:c8:db:8a:7a:44:81:e8:b0:57:1e:
47:83:5a:41:4b:be:46:aa:b9:64:dc:4c:b8:ac:36:0f:05:f0:
1c:e2:b4:10:59:de:1f:a7:09:c5:9d:b9:4c:b2:0b:7d:26:2b:
42:db:f8:33:17:82:e6:6b:4c:6d:95:f7:b5:26:e4:64:69:a3:
e3:35:35:dc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEBXBEsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDY2YWMwYTQ5MjU1MjgzY2Q1MzA2Njk3MWNkN2IzZGZlMmEzY2U4MB4XDTIyMDEw
MTExMDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDdkOTQ2NDczZmRk
MTZmMzU0NjdmMDRjMGQ3ZTU2N2FhMDZiOTA3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfUGIV4EMuI6mSR7s/VFIfBsbeT1Dr8wJVqy5RUS07arPde
b0M+SAQnXEaC7N+p6kf65q8WIBZLZSf7f9WW9qDBX3BfAwVGho1oabwIycgg+ZLl
R8MmKCtdVjACQnNXdVett6i71QVs9phECEqVcCxlwTP6KJoUxRbvLhEE9dCV3Pqb
4MEUlvK975eWJ/JaEUVAL1QUB6zWRu/DOR5CVItWB7EwvXMrnP6WojDBZkdBVNCa
jSQpJWOz3qdUZWdkuh1B1GCoD1QT+xdyi9kp7VJNz4XuRHXTxfTr4nA94MN+d+dY
3Qa1U5KLzz4Vri+A9fWPfU7SLE4OOaLXuq98XmUCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBQH2UZHP90W81Rn8EwNflZ6oGuQezAfBgNVHSMEGDAWgBS0ZqwKSSVSg81T
BmlxzXs9/io86DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RHYXNDa2tsVW9QTlV3WnBjYzE3UGY0cVBPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvMTMzYjUyLTdhNjYtNDFhYi1hZWVlLWM5YjQ3MGRjMjQwYi8x
L0I5bEdSel9kRnZOVVpfQk1EWDVXZXFCcmtIcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
MTMzYjUyLTdhNjYtNDFhYi1hZWVlLWM5YjQ3MGRjMjQwYi8xL3RHYXNDa2tsVW9Q
TlV3WnBjYzE3UGY0cVBPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMEAiUZLDAMAwQDW+ToAwQAW+TqAwQE
YmCgAwQDhhPAAwQCuRCgAwQCuXrAAwQDxw/oMA0EAgACMAcDBQMqBAIAMA0GCSqG
SIb3DQEBCwUAA4IBAQAo7BfdlEFBnkRy8LszOHyE+8ncaX+jcICnG/+cNfwLifTL
L3f/hnI96yAoAPc0uWeW/H6hQe+anxjGgcQ8BBhqcIHiCv4kzW6FS48Z54loSrSz
92377+kK/6Xfpz3MqPMIVrHmlzbLzcZqTIl3uFMnAbE07uPfxmQU7xzuIpGEDZQG
6hAP7vJlcTPyTkuSW8htfmXbyU8CLnfhDf29aJ2WIsRcyEM+/KPSb1Qhgz0PIryQ
uqVuN9ykVwMRncjbinpEgeiwVx5Hg1pBS75Gqrlk3Ey4rDYPBfAc4rQQWd4fpwnF
nblMsgt9JitC2/gzF4Lma0xtlfe1JuRkaaPjNTXc
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:23 2023 by rpki-client on console.sobornost.net